1 to 25 of 34 Permanent MITRE ATT&CK Jobs in London

with security tools like LogRhythm, Qualys, SCCM, Intune, Microsoft 365, AD, and enterprise anti-malware Technical knowledge in network segmentation, firewalls, Mitre Att&ck, Windows, Linux, and Mac, with experience in NIST standards and frameworks About You Bring strong analytical, problem-solving, and interpersonal skills More ❯

Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive communication. Preferred Qualifications Degree in Computer Science, InfoSec, or related More ❯

Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive communication. Preferred Qualifications Degree in Computer Science, InfoSec, or related More ❯

Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive communication. Preferred Qualifications Degree in Computer Science, InfoSec, or related More ❯

or threat intelligence. Attacker Knowledge: Practical experience analysing attacker behavior, with a strong understanding and application of threat analysis models like MITRE ATT&CK to prioritize and enhance detective controls. SIEM Expertise: Hands-on experience with SIEM platforms (e.g., Splunk, Google SecOps, Elastic, Sentinel) for More ❯

to demonstrate it: Security Detection and Monitoring Incident Response Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Cloud Security Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel More ❯

and security orchestration tools (MS Sentinel/defender, Splunk, Palo Alto XSOAR…) · Solid Security framework knowledge ie. NIST, CIS, ISO 27001 & MITRE ATT&CK · Strong leadership · Excellent communication skills · Certifications: CISSP, CISM or GIAC (GSEC, GPEN, GCIA) highly desirable More ❯

and security orchestration tools (MS Sentinel/defender, Splunk, Palo Alto XSOAR…) · Solid Security framework knowledge ie. NIST, CIS, ISO 27001 & MITRE ATT&CK · Strong leadership · Excellent communication skills · Certifications: CISSP, CISM or GIAC (GSEC, GPEN, GCIA) highly desirable More ❯

and security orchestration tools (MS Sentinel/defender, Splunk, Palo Alto XSOAR…) · Solid Security framework knowledge ie. NIST, CIS, ISO 27001 & MITRE ATT&CK · Strong leadership · Excellent communication skills · Certifications: CISSP, CISM or GIAC (GSEC, GPEN, GCIA) highly desirable More ❯

enterprise environments. Experience with multiple security controls across various technology domains. Strong understanding of security frameworks and best practices (e.g., NIST, MITRE ATT&CK). Excellent communication, presentation, and interpersonal skills. Strong analytical and problem-solving abilities. Ability to work effectively in a fast-paced More ❯

positives. Supporting Sentinel Workbooks, Alerts, and Playbooks through advanced KQL use. Deep understanding of incident response, threat intelligence and adversary techniques (MITRE ATT&CK framework). Strong knowledge of cloud and hybrid security, particularly within Azure. Additional Requirements: Must hold or be eligible to achieve More ❯

We seek candidates with experience in: Proficiency in GCP (essential) Security architecture principles, frameworks, and best practices Threat modeling methodologies like MITRE ATT&CK, STRIDE, PASTA Cybersecurity experience of 5+ years Security practices including authentication, authorization, logging, encryption, infrastructure security, network segmentation Knowledge of cloud More ❯

or more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring More ❯

or more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring More ❯

or more major SIEM platforms (e.g. Splunk, Sentinel etc.) Deep understanding of log ingestion, parsing, normalisation and enrichment Strong grasp of MITRE ATT&CK framework, threat detection and alert logic Solid scripting/automation skills (e.g., Python, PowerShell, Bash) Experience with cloud logging and monitoring More ❯

a Security Operations Centre (SoC), Network Operations Centre (NoC). Strong understanding of Incident Response processes and methodologies and experience with MITRE ATT&CK framework to map and analyse threats. Knowledge of Endpoint Detection and Response (EDR) platforms. Familiarity with threat hunting techniques and processes. More ❯

or within a SOC/NOC environment Strong knowledge of Microsoft Defender, EDR, and network architecture Understanding of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001) Excellent communication and teamwork skills Relevant certifications (e.g., Sec+, OSCP, CISA) are a plus In our company values More ❯

documentation Experience using logging tools (whether this was a SIEM system or not) to generate alerts and reports Knowledge of the MITRE ATT&CK framework Why else you'll love it here Wondering what the salary for this role is? Just ask us! On a More ❯

security engineers to improve their skills and effectiveness. PREFERRED QUALIFICATIONS • BS or MS in a STEM related field. Understanding of the Mitre ATT&CK framework and knowledge of host and network telemetry data (e.g., process lists, application logs, NetFlow). • Have awareness and understanding of More ❯

or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Familiarity with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded More ❯

or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Familiarity with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded More ❯

or managing CTI teams. Strong knowledge of threat intelligence lifecycle and operational CTI practices. Hands-on experience implementing CTI frameworks (e.g., MITRE ATT&CK, Diamond Model, Cyber Kill Chain). Familiarity with CTI platforms (e.g., MISP, OpenCTI, ThreatConnect) and external intelligence sources (e.g., SpyCloud, Recorded More ❯

and provide actionable insights. Engage with and manage stakeholders throughout the incident lifecycle. Lead the threat-hunting process, using frameworks like MITRE ATT&CK to proactively identify potential threats. Ideal Candidate: Extensive experience in all aspects of Incident Response, with hands-on involvement in P1 More ❯

considered for this role, you will come from a CTI background with a focus on Tactical and Operational work. Experience with MITRE ATT&CK and TTP mapping would be highly desirable, coupled with a flare for strong communication and reporting skills for stakeholders/senior More ❯

in GCP - essential •Strong knowledge of security architecture principles, frameworks, and best practices •Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc. •Overall experience in Cybersecurity: 5+ years •Security practices encompassing authentication, authorization, logging/monitoring, encryption, infrastructure security, and More ❯